Blog Tutorial, Invalid post ID. and other errors..
Posted: Wed Nov 23, 2011 11:51 pm
Hello,
i am a beginner with all of this, so have some mercy with me please..
After adding a comment in phpmyadmin, it doesn't show up in "blog_list.php".
Also when clicking on the "TEST post"-link "blog_read.php?pid=1", i get these errors:
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''posts' WHERE 'post_id' = 1' at line 1
Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\core\inc\posts.inc.php on line 9
Invalid post ID. "
Here is my "posts.inc.php":
i am a beginner with all of this, so have some mercy with me please..
After adding a comment in phpmyadmin, it doesn't show up in "blog_list.php".
Also when clicking on the "TEST post"-link "blog_read.php?pid=1", i get these errors:
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''posts' WHERE 'post_id' = 1' at line 1
Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\core\inc\posts.inc.php on line 9
Invalid post ID. "
Here is my "posts.inc.php":
<?php
//checks if the given post id is in the table.
function valid_pid($pid){
$pid = (int)$pid;
$total = mysql_query("SELECT COUNT('post_id')FROM 'posts' WHERE 'post_id' = {$pid}");
echo mysql_error();
$total = mysql_result($total, 0);
if($total != 1){
return false;
}
else{
return true;
}
}
//fetches a summery of all the blog posts.
function get_posts(){
$sql = "SELECT
`posts`.`post_id` AS `id`,
`posts`.`post_title` AS `title`,
LEFT(`posts`.`post_body`, 512) AS `preview`,
`posts`.`post_user` AS `user`,
DATE_FORMAT(`posts`.`post_date`, '%d/%m/%Y %H:%i:%s') AS `date`,
`comments`.`total_comments`,
DATE_FORMAT(`comments`.`last_comment`, '%d/%m/%Y %H:%i:%s') AS `last_comment`
FROM `posts`
LEFT JOIN (
SELECT
`post_id`,
COUNT(`comment_id`) AS `total_comments`,
MAX(`comment_date`) AS `last_comment`
FROM `comments`
GROUP BY `post_id`
) AS `comments`
ON `posts`.`post_id` = `comments`.`post_id`
ORDER BY `posts`.`post_date` DESC";
$posts = mysql_query($sql);
$rows = array();
while (($row = mysql_fetch_assoc($posts)) !== false) {
$rows[] = array(
'id' => $row['id'],
'title' => $row['title'],
'preview' => $row['preview'],
'user' => $row['user'],
'date' => $row['date'],
'total_comments' => ($row['total_comments'] === null) ? 0 : $row['total_comments'],
'last_comment' => ($row['last_comment'] === null) ? 'never' : $row['last_comment']
);
}
return $rows;
}
//fetches a single post from the table.
function get_post($pid){
$pid = (int)$pid;
$sql = "SELECT
`post_title` AS `title`,
`post_body` AS `body`,
`post_user` AS `user`,
`post_date` AS `date`
FROM `posts`
WHERE `post_id` = {$pid}";
$post = mysql_query($sql);
$post = mysql_fetch_assoc($post);
$post['comments'] = get_comments($pid);
return $post;
}
//adds a blog entry.
function add_posts($name, $title, $body){
$name = mysql_real_escape_string(htmlentities($name));
$title = mysql_real_escape_string(htmlentities($title));
$body = mysql_real_escape_string(nl2br(htmlentities($body)));
mysql_query("INSERT INTO `posts` (`post_user`, `post_title`, `post_body`, `post_date`) VALUES ('{$name}', '{$title}', '{$body}', NOW())");
}
?>
"comments.inc.php"
<?php
//fetches all of the comments for a given blog post.
function get_comments($pid){
$pid = (int)$pid;
$sql = "SELECT
`comment_body` AS `body`,
`comment_user` AS `user`,
DATE_FORMAT(`comment_date`, '%d/%m/%Y %H:%i:%s') AS `date`
FROM `comments`
WHERE `post_id` = {$pid}";
$comments = mysql_query($sql);
$return = array();
while (($row = mysql_fetch_assoc($comments)) !== false){
$return[] = $row;
}
return $return;
}
//adds a comment.
function add_comment($pid, $user, $body){
if(valid_pid($pid) === false){
return false;
}
$pid = (int)$pid;
$user = mysql_real_escape_string(htmlentities($user));
$body = mysql_real_escape_string(nl2br(htmlentities($body)));
mysql_query("INSERT INTO `comments` (`post_id`, `comment_user`, `comment_body`, `comment_date`) VALUES ({$pid}, '{$user}', '{$body}', NOW())");
return true;
}
?>
"blog_read.php"
<?php
include('core/init.inc.php');
?>
<!DOCTYPE html PUBLIC ".//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org//1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Test Title</title>
</head>
<body>
<div>
<?php
if (isset($_GET['pid']) === false || valid_pid($_GET['pid']) === false){
echo 'Invalid post ID.';
}else{
$post = get_post($_GET['pid']);
?>
<h2><?php echo $post['title']; ?></h2>
<h4>By <?php echo $post['user'] ?> on <?php echo $post['date']; ?> (<?php echo count($post['comments']); ?> comments)</h4>
<hr />
<p></p>
<hr />
<form action="" method="post">
<p>
<label for="user">Name</label>
<input type="text" name="user" id="user"/>
</p>
<p>
<textarea name="body" rows="20" cols="60"></textarea>
</p>
<p>
<input type="submit" value="Add Comment" />
</p>
</form>
<?php
}
?>
</div>
</body>
</html>
"blog_list.php"
<?php
include('core/init.inc.php');
?>
<!DOCTYPE html PUBLIC ".//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org//1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Test Title</title>
</head>
<body>
<div>
<?php
$posts = get_posts();
foreach($posts as $post){
?>
<h2><a href="blog_read.php?pid=<?php echo $post['id']; ?>"><?php echo $post['title']; ?></a></h2>
<h4>By <?php echo $post['user']; ?> on <?php echo $post['date']; ?></h4>
<h4>(<?php echo $post['total_comments']; ?> comments, last comment <?php echo $post['last_comment']; ?>)</h4>
<hr />
<p><?php echo $post['preview']; ?></p>
<?php
}
?>
</div>
</body>
</html>
